IOC Radar
IP · Medium · Signal 59/100

118.194.234.29

Location
Singapore, Singapore
ASN
AS135377
UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
First Seen
Oct 29, 2024
Last Seen
Jun 2, 2026
Reports
24 source reports
Confidence
59% (medium)
VirusTotal
10/91 detections
Found in 24 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
IPv4 Address
Network layer indicator observed in threat reports.
MISP Category
Network Activity
Confidence
59%
Signal Score
59 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

66 techniques

Network Information

Country: SG (Singapore)
Region: Singapore, Singapore
ASN: AS135377
Organization: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED

IP Category

Proxy
Proxy server

Feed Intelligence Summary

Source reports: 24
Confidence score: 59%

Activity Timeline

1 total obs · Jun 2 to Jun 2

Threat Activity Heatmap

[Heatmap of activity by day, Jun through Jun; legend: Less to More]
Peak: 2026-06-02

24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)

Threat Score: Medium Risk
Signal Score: 59
Confidence: 59%
Reports: 24
First seen: Oct 29, 2024
Last seen: Jun 2, 2026
Geolocation: SG
Country: Singapore
Location: Singapore, Singapore
ASN: AS135377
Org: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
Coords: 1.3521, 103.8200
Proxy

VirusTotal

10/91 vendors flagged
11% detection rate · Jun 4, 2026

WHOIS

description
IPv4 hosts detected port scanning DigitalOcean London (UK) honeypot
raw
inetnum: 118.194.232.0 - 118.194.235.255
netname: UCLOUD-SG
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
country: SG
admin-c: UITH2-AP
tech-c: UITH2-AP
abuse-c: AU164-AP
status: ALLOCATED NON-PORTABLE
mnt-by: MAINT-UCLOUD-HK
mnt-irt: IRT-UCLOUD-HK
last-modified: 2023-03-09T08:24:02Z
source: APNIC

irt: IRT-UCLOUD-HK
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
e-mail: [email protected]
abuse-mailbox: [email protected]
admin-c: UITH2-AP
tech-c: UITH2-AP
auth: # Filtered
remarks: [email protected] was validated on 2025-07-01
remarks: [email protected] was validated on 2025-07-01
mnt-by: MAINT-UCLOUD-HK
last-modified: 2025-09-04T07:41:27Z
source: APNIC

role: ABUSE UCLOUDHK
country: ZZ
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
phone: +000000000
e-mail: [email protected]
admin-c: UITH2-AP
tech-c: UITH2-AP
nic-hdl: AU164-AP
remarks: Generated from irt object IRT-UCLOUD-HK
remarks: [email protected] was validated on 2025-07-01
remarks: [email protected] was validated on 2025-07-01
abuse-mailbox: [email protected]
mnt-by: APNIC-ABUSE
last-modified: 2025-07-01T09:51:21Z
source: APNIC

role: UCLOUD INFORMATION TECHNOLOGY HK LIMITED
address: FLAT/RM 603 6/F, LAWS COMMERCIAL PLAZA, 788 CHEUNG SHA WAN ROAD, KL,, Hong Kong
country: HK
phone: +000000000
e-mail: [email protected]
admin-c: UITH2-AP
tech-c: UITH2-AP
nic-hdl: UITH2-AP
notify: [email protected]
mnt-by: MAINT-UCLOUD-HK
last-modified: 2022-05-16T03:54:14Z
source: APNIC

route: 118.194.234.0/24
origin: AS135377
descr: UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED FLAT/RM 603 6/F LAWS COMMERCIAL PLAZA 788 CHEUNG SHA WAN ROAD, KL,
mnt-by: MAINT-UCLOUD-HK
last-modified: 2023-03-10T09:39:38Z
country: SG
source: APNIC
references
https://github.com/telekom-security/tpotce
https://malware-filter.gitlab.io/malware-filter/botnet-filter.txt
https://raw.githubusercontent.com/ahamed-rizvan/IOCs/refs/heads/main/Malicous%20IP%20Address.txt

IOC Journey

medium
First detected 1 year ago · Last seen 14 days ago
Appeared in 24 threat reports